* Two VRF instances are configured by default. The management port on the supervisor module is assigned to the '''management''' VRF, and all I/O module ports are assigned to the '''default''' VRF.

* Two VRF instances are configured by default. The management port on the supervisor module is assigned to the '''management''' VRF, and all I/O module ports are assigned to the '''default''' VRF.

* The '''default''' VRF is the default routing context for all '''show''' commands.

* The '''default''' VRF is the default routing context for all '''show''' commands.

Revision as of 23:21, 6 January 2011

Objective

This tech note outlines the main differences in Layer 3 virtualization support between Cisco® NX-OS Software and Cisco IOS® Software. Sample configurations are included for Cisco NX-OS and Cisco IOS Software for some common features to demonstrate the similarities and differences. Please refer to the NX-OS documentation on Cisco.com for a complete list of supported features.

Virtualization Routing and Forwarding Overview

Virtual Routing and Forwarding (VRF) provides an additional layer of network virtualization on top of virtual device contexts (VDCs). VRF provides separate unicast and multicast address space and associated routing protocols that make independent forwarding decisions. All unicast and multicast protocols support VRF.

In Cisco NX-OS, numerous VRF instances can be assigned to a single routing protocol instance.

IP static routes are configured under the specified vrf context. In Cisco IOS Software, all static routes are configured in global configuration mode with the vrf option.

A VRF instance can be manually disabled with the shutdown command. Cisco IOS Software does not have the CLI capability to manually disable a VRF instance.

If a VRF context is removed with the no vrf context <name>configuration command, the VRF context commands will be removed from the running configuration making the VRF non-functional, but all non context related VRF commands will remain in the running configuration. When a VRF is removed in Cisco IOS Software, the VRF instance and all related VRF commands are automatically removed from the running configuration, including any interface IP addresses previously associated to the VRF.

Things You Should Know

The following list provides some additional facts about Cisco NX-OS that should be helpful when configuring and maintaining VRF instances.

When you assign a VRF instance to an interface with an IP address previously configured, the interface IP address is automatically removed.

Static routes or dynamic routing protocols can be configured for routing in a VRF instance (BGP, EIGRP, ISIS, OSPF, static routes, and RIPv2).

IP troubleshooting tools such as ping and traceroute are VRF aware and require the name of a specific VRF instance if testing in the default VRF instance is not desired.

The routing-context vrf command can be executed in EXEC mode to change the routing context to a non-default VRF instance. For example, typing routing-context vrf management changes the routing context, so all VRF related commands are executed in the management VRF as opposed to the default VRF.

The following sample code shows configuration similarities and differences between the Cisco NX-OS and Cisco IOS Software CLIs. Sample code is provided only to illustrate how to enable VRF routing. The Cisco NX-OS CLI is simpler and more consistent since it allows multiple VRF instances to be assigned to a single routing protocol instance, whereas Cisco IOS Software uses different techniques depending on the routing protocol.

Cisco IOS CLI

Cisco NX-OS CLI

Creating a VRF

ip cef

ip vrf vrf-1

vrf context vrf-1

Assigning an Interface to a VRF

interface Ethernet2/1

ip vrf forwarding vrf-1

ip address 192.168.10.1 255.255.255.0

interface Ethernet2/1

vrf member vrf-1

ip address 192.168.10.1/24

Enabling BGP in a VRF

router bgp 10

address-family ipv4 vrf vrf-1

neighbor 192.168.10.2 remote-as 20

neighbor 192.168.10.2 activate

network 192.168.1.1 mask 255.255.255.255

exit-address-family

router bgp 10

vrf vrf-1

address-family ipv4 unicast

network 192.168.1.1/32

neighbor 192.168.10.2 remote-as 20

address-family ipv4 unicast

Enabling EIGRP in a VRF

router eigrp 10

address-family ipv4 vrf vrf-1

network 192.168.10.0

auto-summary

autonomous-system 10

exit-address-family!

interface Ethernet2/1

vrf member vrf-1

ip address 192.168.10.1/24

ip router eigrp 10

router eigrp 10

vrf vrf-1

Enabling ISIS in a VRF

interface Ethernet2/1

ip vrf forwarding vrf-1

ip address 192.168.10.1 255.255.255.0

ip router isis 10

router isis 10

vrf vrf-1

net 49.0001.0000.0001.00

interface Ethernet2/1

vrf member vrf-1

ip address 192.168.10.1/24

ip router isis 10

router isis 10

vrf vrf-1

net 49.0001.0000.0001.00

Enabling OSPF in a VRF

interface Ethernet2/1

ip vrf forwarding vrf-1

ip address 192.168.10.1 255.255.255.0

router ospf 10 vrf vrf-1

network 192.168.10.0 0.0.0.255 area 0

interface Ethernet2/1

vrf member vrf-1

ip address 192.168.10.1/24

ip router ospf 10

router ospf 10

vrf vrf-1

Enabling RIPv2 in a VRF

interface Ethernet2/1

ip vrf forwarding vrf-1

ip address 192.168.10.1 255.255.255.0

router rip

address-family ipv4 vrf vrf-1

network 192.168.10.0

version 2

exit-address-family

interface Ethernet2/1

vrf member vrf-1

ip address 192.168.10.1/24

ip router rip 10

router rip 10

vrf vrf-1

Configuring Static Routes in a VRF

ip route vrf vrf-1 192.168.2.0 255.255.255.0 192.168.10.2

vrf context vrf-1

ip route 192.168.2.0/24 192.168.10.2

Verification Command Comparison

The following table compares some useful show commands for verifying and troubleshooting VRF instances.